Hi,
I’ve seen some tutorial to create EdDSA key with Gnupg
gpg --full-gen-key
and it’s supposed to allow me to create ECC key, but I see only
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(14) Existing key from card
Your selection?\
gpg --version
show:
…
gpg (GnuPG) 2.2.27
Supported algorithms:
Pubkey: RSA, ELG, DSA, ECDH, ECDSA, EDDSA
…
Any idea what’s wrong ?
I remember on some distros I had to add
--expert
, never checked why. Maybe was an old version.gpg --expert --full-gen-key
Thank you @Anafabula@discuss.tchncs.de ! it works !
Please select what kind of key you want:
(1) RSA and RSA (default)
(2) DSA and Elgamal
(3) DSA (sign only)
(4) RSA (sign only)
(7) DSA (set your own capabilities)
(8) RSA (set your own capabilities)
(9) ECC and ECC
(10) ECC (sign only)
(11) ECC (set your own capabilities)
(13) Existing key
(14) Existing key from card\I’m wondering whats is the option: (9) ECC and ECC ?? I found nothing in their documentation :/
Unless you’re working with embedded chips with very small storage space, I’d recommend 4098-bit RSA
8096 bit is safer long term as it should remain uncrackable for a longer time.I was thinking you were talking about 2048
Does GPG support it?
Isn’t it the default?
Edit: I was mixing up 2048 with 4096
I had the same issue so wrote this down when I figured it out
Generate ultimate key
gpg2 --quick-generate-key hello@example.com ed25519 default 0
Add sub key
gpg2 --quick-add-key <FINGERPRINT> ed25519
List keys in long format
gpg2 --list-keys --with-subkey-fingerprint --keyid-format long
What distro and version of that distro are you using? Did you install gpg from the repository or elsewhere? What version of gpg are you running?